PixelFixer

Privacy Policy

Last updated: March 1, 2026

1. Introduction

PixelFixer ("we", "our", "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Data We Collect

2.1 Account Data

When you register, we collect your name, email address, and hashed password. If you enable two-factor authentication, we store encrypted TOTP secrets.

2.2 Usage Data

We collect information about how you interact with the Service, including pages visited, features used, timestamps, IP addresses, browser type, and operating system.

2.3 Bug Reports & Attachments

When you create bug reports, we store screenshots, annotations, URLs, browser metadata, and any comments or attachments you upload.

2.4 Cookies

We use essential cookies for authentication and preferences, and optional analytics cookies with your consent. See our Cookie Policy for details.

3. How We Use Your Data

  • To provide and maintain the Service.
  • To authenticate you and manage your sessions.
  • To send transactional emails (password resets, notifications).
  • To improve the Service through analytics (with consent).
  • To enforce our Terms of Service and prevent abuse.
  • To respond to support requests and legal obligations.

4. Data Sharing

We do not sell your personal data. We may share data with:

  • Team members: Other members of your team can see shared projects, tasks, and comments.
  • Service providers: Hosting (cloud infrastructure), email delivery, error tracking (Sentry), and analytics (PostHog, with consent).
  • Legal requirements: If required by law, regulation, or legal process.

5. Data Storage & Security

Your data is stored on secure servers with encryption at rest and in transit. We implement industry-standard security measures including CSP headers, HSTS, rate limiting, input sanitization, and regular security audits. File attachments are stored in S3-compatible object storage with access controls.

6. Your Rights (GDPR)

If you are in the EU/EEA, you have the right to:

  • Access: Request a copy of your personal data via Settings → Export Data.
  • Rectification: Update your profile information in Settings.
  • Erasure: Delete your account via Settings → Danger Zone.
  • Portability: Export your data in JSON format.
  • Object: Opt out of analytics cookies via the cookie consent banner.
  • Restriction: Contact us to restrict processing of your data.

7. Data Retention

We retain your account data for as long as your account is active. Bug reports and attachments are retained per team settings. Upon account deletion, personal data is purged within 30 days. Anonymized analytics data may be retained indefinitely.

8. International Transfers

Your data may be processed in countries outside your jurisdiction. We ensure appropriate safeguards (such as Standard Contractual Clauses) are in place for any international transfers.

9. Chrome Extension

The PixelFixer browser extension ("Extension") requires access to web pages you visit in order to provide its core bug-reporting functionality. Here is how the Extension handles data:

9.1 Permissions & Why They Are Needed

  • Host permissions (<all_urls>): Required so the Extension can inject the visual bug-reporting overlay (pins, highlight, screenshot crop) on any website you choose to inspect. The Extension only activates on a page when you explicitly click "Activate".
  • activeTab: Provides temporary access to the currently active tab to capture a screenshot when you report a bug.
  • tabs: Used to read the current page URL and title so bug reports include the correct page reference.
  • storage: Stores your authentication session token and selected team/project locally in the browser. No personal data is synced or shared.
  • scripting: Allows dynamic injection of the content script that renders bug pins, the report form, and the screenshot overlay on web pages.
  • contextMenus: Adds a "Report Bug on this page" option to the browser right-click menu for quick access.

9.2 Data Collected by the Extension

  • Screenshots: A visible-area screenshot is captured only when you submit a bug report. It is sent to the PixelFixer server and stored as a task attachment.
  • Page metadata: URL, page title, viewport size, browser user-agent, and console/network errors visible at the time of the report.
  • DOM context: A small HTML snippet of the pinned element to help developers reproduce the bug.

9.3 What the Extension Does NOT Do

  • Does not track browsing history or visited URLs beyond the page you actively report a bug on.
  • Does not collect or transmit any data from pages where you have not activated the extension.
  • Does not inject advertisements, trackers, or analytics scripts.
  • Does not read passwords, form inputs, cookies, or any confidential page data.
  • Does not sell, share, or monetize any user data.

9.4 Data Storage

The Extension stores only an authentication token and user preferences (team, project selection) in chrome.storage.local. This data never leaves your browser except as part of authenticated API requests to the PixelFixer server.

10. Children's Privacy

The Service is not intended for children under 16. We do not knowingly collect data from children.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or in-app notification. The updated policy will be posted on this page with a new effective date.

12. Contact

For privacy-related questions or requests, contact our Data Protection Officer at pixelfixer@mudrava.com or visit our Contact page.